On Wednesday 08 March 2006 14:43, Roger Heflin wrote:
>> -----Original Message-----
>> From: fedora-list-bounces@xxxxxxxxxx
>> [mailto:fedora-list-bounces@xxxxxxxxxx] On Behalf Of Robin Laing
>> Sent: Wednesday, March 08, 2006 11:42 AM
>> To: For users of Fedora Core releases
>> Subject: Re: Probably silly Q
>>
>> Roger Heflin wrote:
>> >>>Ok, I've inserted that line in services that's needed for that to work,
>> >>>
>> >>>syslog 514/udp
>> >>>
>> >>>And added the -r option to OPTIONS in the syslog file in
>> >>>/etc/sysconfig, SIGHUPed syslogd, and turned the router's forwarding of
>> >>>the access log to the main 192.168.x.x address of that machine. But
>> >>>nothing is appearing in either all.log or any other log with a recent
>> >>>timestamp.
>> >>>
>> >>>Did I miss something? Or is the linksys BEFSR41 routers logging to
>> >>>some other unk (udp/tcp) port besides 514?
>> >>
>> >>----
>> >>Let's keep this on list OK?
>> >>
>> >>Firewall on Linux system blocking port 514 protocol UDP?
>> >>
>> >>Logging will go into /var/log/messages unless you redirect it via
>> >>syslog.conf # man syslog.conf
>> >
>> > Linksys sends snmptraps to the snmptrap port (161) (man snmptrapd)
>> > this is a standard service that will listen to this port and do
>> > whatever is configured with the data (save it to syslog, or to
>> > elsewhere, and/or even execute scripts to process the incoming data),
>> > it can be checkconfig'ed on and will put the messages into whatever
>> > is configured by snmptrapd.
>> >
>> > I have been using it for years on both Windows and Linux. snmptraps
>> > are os independent, whereas syslog is typically unix only.
>> >
>> > You can also set the ip address to send it to, to be .255 and it will
>> > nicely broadcast on your local subnet.
>> >
>> > Roger
>>
>> I didn't know that it was snmp that was used. When I looked
>> into it I was continuously told that I needed special
>> software. I didn't know about ethereal or tcpdump at that time.
>>
>> Then any management software that reads snmptraps should get
>> the data.
>> Then the answer to the OP would be any snmp monitoring
>> program, correct? What software do you use?
>>
>> I don't know much about snmp past the basics.
>
>snmptrapd see "man snmptrapd", if it is not installed add it,
>it comes default on a full fc4 install.
>
> Roger

From Ripley's Believe it or Not, it was sitting in /etc/init.d, I did a
chkconfig snmptrapd on, then edited it to make a separate logfile, started
it and it's working. Now to figure out a way to actually make it useful :-)

The log it's generating looks like this:

2006-03-08 18:40:10 router.coyote.den [192.168.1.1] TRAP, SNMP v1, community public
    enterprises.3093.2.2.1 Enterprise Specific Trap (1) Uptime: 3 days, 9:13:22.01
    enterprises.3093.1.1.0 = "@in 213.46.20.125 32459 141.153.73.76 6881."

But I have NDI where it's getting that uptime, because

[root@gene etc]# uptime
 6:41pm up 208 days, 5:55, 3 users, load average: 0.00, 0.00, 0.00

And

[root@gene etc]# uname -r
2.4.29

Darned kernel is getting a bit long in the tooth there. :)

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
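
An added example, not part of the original message or of any poster's setup: one way to make the snmptrapd log shown above usable for monitoring is to parse each trap record into fields and summarise them. The reading of the Linksys payload as direction, source IP and port, destination IP and port is an assumption inferred from the single record in the message; the "@out" record, the multi-line record layout and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample. The first record is the one quoted in the message;
# the second is made up (documentation addresses) to exercise "@out".
SAMPLE_LOG = '''2006-03-08 18:40:10 router.coyote.den [192.168.1.1] TRAP, SNMP v1, community public
    enterprises.3093.2.2.1 Enterprise Specific Trap (1) Uptime: 3 days, 9:13:22.01
    enterprises.3093.1.1.0 = "@in 213.46.20.125 32459 141.153.73.76 6881."
2006-03-08 18:40:12 router.coyote.den [192.168.1.1] TRAP, SNMP v1, community public
    enterprises.3093.2.2.1 Enterprise Specific Trap (1) Uptime: 3 days, 9:13:24.10
    enterprises.3093.1.1.0 = "@out 192.168.1.10 40000 198.51.100.7 80."
'''

# Record header: timestamp, sending host, agent address in brackets.
HEADER = re.compile(r'(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\S+) \[([\d.]+)\] TRAP')
# Payload, assumed layout: "@<dir> <src ip> <src port> <dst ip> <dst port>."
PAYLOAD = re.compile(r'"@(in|out) ([\d.]+) (\d+) ([\d.]+) (\d+)\."')

def parse_traps(text):
    """Return one dict per trap record; records without a payload are skipped."""
    records = []
    headers = list(HEADER.finditer(text))
    for i, h in enumerate(headers):
        # A record runs from its header to the start of the next header.
        end = headers[i + 1].start() if i + 1 < len(headers) else len(text)
        p = PAYLOAD.search(text, h.end(), end)
        if p is None:
            continue  # some other trap type; nothing to extract
        records.append({
            "time": h.group(1), "host": h.group(2), "agent": h.group(3),
            "direction": p.group(1),
            "src": p.group(2), "sport": int(p.group(3)),
            "dst": p.group(4), "dport": int(p.group(5)),
        })
    return records

def inbound_ports(records):
    """Count inbound connection records per destination port."""
    return Counter(r["dport"] for r in records if r["direction"] == "in")

if __name__ == "__main__":
    recs = parse_traps(SAMPLE_LOG)
    for rec in recs:
        print(rec)
    print(inbound_ports(recs))
```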